EP1033007A1 - System and method for authenticating signatures - Google Patents

System and method for authenticating signatures

Info

Publication number
EP1033007A1
EP1033007A1 EP98933872A EP98933872A EP1033007A1 EP 1033007 A1 EP1033007 A1 EP 1033007A1 EP 98933872 A EP98933872 A EP 98933872A EP 98933872 A EP98933872 A EP 98933872A EP 1033007 A1 EP1033007 A1 EP 1033007A1
Authority
EP
European Patent Office
Prior art keywords
signature
parameters
digitizer
record
comparator
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP98933872A
Other languages
German (de)
French (fr)
Other versions
EP1033007A4 (en
Inventor
Nir Bar Natan
Jonathan Bassan
Oren Grozovik
Shai Waisel
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WONDERNET LTD.
Original Assignee
Graphitech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Graphitech Ltd filed Critical Graphitech Ltd
Publication of EP1033007A1 publication Critical patent/EP1033007A1/en
Publication of EP1033007A4 publication Critical patent/EP1033007A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/30Writer recognition; Reading and verifying signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the present invention relates to a system and method for authenticating signatures in general and, in particular, to a system and method for authenticating signatures transmitted over digital communication lines.
  • a system for authenticating a signature including a digitizer, an electronic pen, a dynamic identification unit for measuring vectors produced during signature by the electronic pen on the digitizer, and a comparator for comparing the vectors produced during signature with a reference signature.
  • the system also includes an encryptor for encrypting a signature record and a decoder for decoding the encrypted signature record.
  • the reference signature record is stored on an IC (integrated chip) card.
  • a method of authenticating a signature including the steps of providing a reference signature record, signing with an electronic pen on a digitizer tablet, calculating parameters from data produced during signing on the digitizer tablet; comparing the parameters produced during signature with a reference signature record; and providing an accept or reject response in accordance with results of the comparison.
  • the method also includes the steps of encrypting the calculated parameters with a encryption key, and decrypting the encrypted data before comparing the parameters.
  • the method includes the step of transmitting the calculated parameters over a transmission line to a remote location before the step of comparing.
  • Fig. 1 is a schematic illustration of a signature authentication system according to one embodiment of the present invention
  • Fig. 2 is a schematic illustration of a signature authentication system according to one embodiment of the present invention
  • Fig. 3 is a flow chart of a method of providing a reference signature according to the invention
  • Fig. 4 is a flow chart of a method of authenticating a signature
  • Fig. 5 is a detail of a method of comparing the signature in the method of Fig. 4.
  • Fig. 6 is a flow chart of a method of updating a reference signature.
  • the present invention relates to a system and method for authenticating signatures, the system and method being suitable also for authenticating signatures transmitted over communication lines.
  • the present invention uses signature vector recognition and is based on the use of a digitizer together with software in a dynamic identification unit which calculates parameters based on data produced during signature by the electronic pen on the digitizer tablet. These parameters, which are unique to each person when he signs his own name, are compared with the parameters in a reference signature record, or personal signature profile, which is based on data produced during a number of signatures, to determine whether the signature is authentic (i.e., signature by the authorized signatory) or forged.
  • a digitizer refers to any device which converts a location on an X,Y tablet, possibly with the angle of the pen and the pressure on the pen, to a numerical value
  • an electronic pen is any device by which a person can write or sign on a digitizer tablet such that parameters of his handwriting can be detected by the digitizer.
  • the system can be used to authenticate the handwriting of any predetermined word or words for which a reference record is made. Since the most common words used to identify a person are his signature, the present application refers to signatures, by way of non-limiting example, only.
  • Fig. 1 there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with one embodiment of the invention.
  • the system includes a digitizer 10 with an associated electronic pen 12 coupled to a computer 14 for authenticating a signature at the time and place of signature.
  • Digitizer 10 can be any conventional digitizer, such as a Wacom Digitizer, manufactured by Wacom Co. Ltd., Japan .
  • the signatory carries an Integrated Chip (IC) card, or smart card 15 on which is stored a reference signature record, or personal signature profile, for the signatory.
  • Computer 14 includes a comparator 17, which compares the signature to be authenticated with the reference signature record stored on IC card 15. If the signature is within predefined tolerances of the reference signature, comparator 17 sends an accept signal to computer 14. If the signature is not within the predefined tolerances of the reference signature, comparator 17 sends a reject signal to computer 14.
  • Fig. 2 there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with an alternative embodiment of the invention.
  • the system includes a digitizer 10' with an associated electronic pen 12' coupled to a computer 14' having a modem (not shown) for transmitting data from computer 14' to a remote location 16, generally a bank or credit card company in the present example.
  • the data is received by a dynamic identification unit 20 arranged to receive the data produced during signature by the electronic pen on the digitizer tablet and calculate therefrom a table of parameters which constitutes a signature record.
  • the result is provided to a comparator 22 which compares the signature to be authenticated with a reference signature record, or personal signature profile, stored in its memory 24. If the signature is within predefined tolerances of the reference signature, comparator 22 sends an accept signal to computer 14' . If the signature is not within the predefined tolerances of the reference signature, comparator 22 sends a reject signal to computer 14' .
  • a reference signature record or personal signature profile
  • a reference signature record must be provided for the bank or credit card company or other body which must accept or reject the signature, as shown in Fig. 2. This is done at the time of opening an account or requesting a credit card.
  • the user signs his name on a digitizer tablet coupled to the computer of the credit card company.
  • the pen position over the tablet is recorded by the computer to produce vectors, and a mathematical analysis is performed to learn the following parameters at any given time during the signature process: pen position (X,Y coordinates) over the tablet; sequences of drawing: number of letters, relative position, and time to draw; acceleration and deceleration during signature; direction changes.
  • the computer can also calculate pen tilt relative to the tablet and pen pressure, if the digitizer used is capable of providing this data.
  • the digitizer data of the signature are input 30 to the dynamic identification unit in the computer.
  • the dynamic identification unit records 32 the parameters of the signature.
  • the recorded parameters are arranged 34 in a table of parameters. This process is repeated 36 a predetermined number of times, for example between 5 and 10, so as to permit the dynamic identification unit to calculate the tolerances 38 associated with the variations in the individual's signature, which is never identical.
  • the range of acceptable variations in a personal signature profile will vary from person to person. Once the parameter table and tolerances have been determined, these are stored in the computer memory for later reference as the reference signature record.
  • the personal signature profile consists of an array of parameters and logical tolerances or permitted variations, not an "average" signature.
  • a personal ID code is also recorded 39 together with the signature vector table.
  • This personal ID code serves as an encryption key to provide additional security for signature data transmitted over transmission lines.
  • This encryption key can be any string selected by the user which is known only to him and the credit card company. While the password selected by the credit card company, which is used in cash machines, etc. in conventional credit card authentication systems, can be used as the encryption key, it is preferable to select a key which does not appear on the card.
  • One example of a suitable encryption key is the user's birthdate.
  • the dynamic identification unit will recognize a person's signature even if it is signed upside down (i.e., where the cardholder is in front of a counter) or rotated to any other angle, where the signature is smaller or larger in size, or slightly different in details.
  • the purchaser's signature is authenticated as follows, as shown in Fig. 3.
  • the customer signs with an electronic pen on a digitizer tablet in the store or on the digitizer tablet coupled to his home computer.
  • the record of the signature is received 40 by the credit card company.
  • the dynamic identification unit retrieves 42 the reference signature record of the cardholder. It may also retrieve 44 the personal ID code of the cardholder from the company computer if the signature is encrypted with the personal ID code. Generally this is necessary when making purchases other that at point of sale. If the record of the signature was encrypted (described in detail hereinbelow) the record is now decrypted 46. If no recognizable signature record is received 48, the signature is rejected.
  • the dynamic identification unit proceeds to identify the signature 50, as shown in detail in Fig. 4.
  • the dynamic identification unit traces 52 the vector lines in the signature record and fills a parameter table 54 with the various parameters.
  • the parameter table of the signature record is compared 56 with the reference parameter table stored in the computer memory.
  • Parameters for comparison are selected, for example, from the characteristics listed above. Any or all may be selected for use by the programmer.
  • the comparator can determine whether there is a significant difference in time of writing the signature 58, which could indicate copying rather than an authentic signature. It can determine whether there is a difference in the number of vectors 60, i.e., whether a letter has been added or omitted. It can look for a change in the angle of the pen 62. It can determine whether there is a change in the relative direction of the signature 63. And it can determine whether there are differences in pressure during signing 64. If any of the examined parameters is significantly different, i.e., outside the range of tolerances 66 (Fig. 3) , the signature will be rejected. If the signature record meets all the characteristics of the reference signature record, the signature will be authenticated and accepted. An indication of acceptance is then sent to the point of purchase.
  • the Web surfer When making transactions at the point of sale, generally the physical lines are sufficiently secure that no encryption is required, although it can be used, if desired. However, for transactions over the Internet, encryption is recommended to prevent theft of the credit card details.
  • the Web surfer will have his own digitizer tablet coupled to his computer. After typing in the credit card number, as in conventional credit card purchases over the net, a signature authentication software driver will pop an input window to the cardholder's screen. The cardholder will type his personal ID code and then sign his name on the digitizer tablet. The vectors produced during signature on the digitizer tablet are calculated and the software encrypts the signature data using the personal ID code as the encryption key, as known.
  • the encrypted signature record is sent to the vendor, which may be a site on the Internet.
  • the vendor forwards the signature record, as is, to the credit card company for authentication of the signature.
  • the encrypted signature record reaches the credit card company, it is authenticated as described above with reference to Figs. 3 and 4.
  • the encryption key is also retrieved, permitting the dynamic identification unit to decrypt the signature record and compare it with the reference signature. In accordance with the results of the comparison, the credit card company will notify the vendor that the signature is accepted or rejected.
  • the authenticating computer will include means for detecting hacking. For example, if two identical signatures are received, one after another, the computer is preferably programmed to reject the second signature, even if it falls within the personal signature profile. This is because, in real life, no one signs his or her name exactly the same way twice in a row. On the other hand, over time, a person's signature tends to change. Therefore, according to a preferred embodiment of the invention, updating means is provided for changing the personal signature profile or reference signature record, in accordance with perceived, consistent changes in the signature. A flow chart of one example of suitable software for accomplishing this updating is illustrated in Fig. 5.
  • the comparator receives the signature for authentication and compares it with the personal signature profile (block 70) . If the result is not close to the edge of the tolerances or permitted variations, the comparator exits the program (block 72) . If the result is close to the edge of the tolerances or permitted variations, an invalid counter is incremented by one (block 74). The counter is checked (block 76) and, if the result is less than a pre-selected number, e.g. 5, the comparator exits the program (block 78) . If the results equals the pre-selected number, the old signature is replaced by the new signature (block 80) , and the Tolerance Table is rebuilt to include the new signature parameters and permitted variations (block 82) . At the same time, the Invalid Counter is cleared.
  • the signature authentication is utilized for network access, instead of a password.
  • the personal signature profile is provided to the network, in lieu of a personal passwork.
  • the user signs a digitizer coupled to his workstation, and the signature is compared with the personal signature profile.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A system and method for authenticating a signature, the system including a digitizer (10) and associated electronic pen (12), a dynamic identification unit (14) for receiving data from the digitizer (10) produced during the signature by the electronic pen (12) on the digitizer (10), calculating signature parameters and permitted variations from the data, and generating a reference record (15) therefrom, a comparator (17) for comparing the received parameters produced during signature with the reference record (15), and apparatus for providing an accept or reject response in accordance with the output of the comparator (17).

Description

SYSTEM AND METHOD FOR AUTHENTICATING SIGNATURES FIELD OF THE INVENTION
The present invention relates to a system and method for authenticating signatures in general and, in particular, to a system and method for authenticating signatures transmitted over digital communication lines.
BACKGROUND OF THE INVENTION
In the field of computer graphics, it is known to use a digitizer to convert graphical data into electronic data for a computer. A user draws with an electronic pen on the digitizer tablet, and the digitizer converts the graphical data to electric signals. Such digitizers are used today for inputting data to computers, similar to a mouse. There are many occasions in which it is necessary to authenticate the signature of a person signing a document in order to ensure that the signatory is indeed the person whose name is being signed. One particular application is the field of credit cards, wherein sums of money change hands in reliance on the signature of the card holder. In the event that a card is stolen, a person who can forge the cardholder's signature can charge items against the cardholder's bank account. Similarly, when purchases are made over the telephone, the number and expiration date of the card are read to the vendor, but there is no way to verify whether the caller is an authorized user of the card.
This problem has reached new heights with the advent of the Internet, where sales are transacted by means of transmitting the number and expiration date of the credit card only, without any means of verifying the origin of the purchase. Since these communication lines are open, it is easy for a hacker to determine the number and expiration date of someone else's credit card which were transmitted over his modem, and to use that credit card for unauthorized purchases. Authentication of signatures by means of a graphical image (or bitmap) is not a solution because a photocopy of the signature looks authentic and cannot be detected.
Accordingly, there is a long felt need for and it would be very desirable to have a method of authenticating the signature of a person, particularly a person using a credit card, both in a conventional sales transaction in a store, and over transmission lines, such as the Internet.
SUMMARY OF THE INVENTION
According to the present invention, there is provided a system for authenticating a signature including a digitizer, an electronic pen, a dynamic identification unit for measuring vectors produced during signature by the electronic pen on the digitizer, and a comparator for comparing the vectors produced during signature with a reference signature.
According to a preferred embodiment, the system also includes an encryptor for encrypting a signature record and a decoder for decoding the encrypted signature record. According to another preferred embodiment, the reference signature record is stored on an IC (integrated chip) card.
In accordance with the present invention, there is also provided a method of authenticating a signature including the steps of providing a reference signature record, signing with an electronic pen on a digitizer tablet, calculating parameters from data produced during signing on the digitizer tablet; comparing the parameters produced during signature with a reference signature record; and providing an accept or reject response in accordance with results of the comparison.
According to a preferred embodiment, the method also includes the steps of encrypting the calculated parameters with a encryption key, and decrypting the encrypted data before comparing the parameters.
Further according to a preferred embodiment, the method includes the step of transmitting the calculated parameters over a transmission line to a remote location before the step of comparing.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will be further understood and appreciated from the following detailed description taken in conjunction with the drawings in which:
Fig. 1 is a schematic illustration of a signature authentication system according to one embodiment of the present invention; Fig. 2 is a schematic illustration of a signature authentication system according to one embodiment of the present invention;
Fig. 3 is a flow chart of a method of providing a reference signature according to the invention; Fig. 4 is a flow chart of a method of authenticating a signature;
Fig. 5 is a detail of a method of comparing the signature in the method of Fig. 4; and
Fig. 6 is a flow chart of a method of updating a reference signature.
DETAILED DESCRIPTION OF THE INVENTION
The present invention relates to a system and method for authenticating signatures, the system and method being suitable also for authenticating signatures transmitted over communication lines. The present invention uses signature vector recognition and is based on the use of a digitizer together with software in a dynamic identification unit which calculates parameters based on data produced during signature by the electronic pen on the digitizer tablet. These parameters, which are unique to each person when he signs his own name, are compared with the parameters in a reference signature record, or personal signature profile, which is based on data produced during a number of signatures, to determine whether the signature is authentic (i.e., signature by the authorized signatory) or forged.
For purposes of the present invention, a digitizer refers to any device which converts a location on an X,Y tablet, possibly with the angle of the pen and the pressure on the pen, to a numerical value, and an electronic pen is any device by which a person can write or sign on a digitizer tablet such that parameters of his handwriting can be detected by the digitizer. It will be appreciated that the system can be used to authenticate the handwriting of any predetermined word or words for which a reference record is made. Since the most common words used to identify a person are his signature, the present application refers to signatures, by way of non-limiting example, only.
It will be appreciated that there are many instances when it is desirable to authenticate the signature of a signatory, both in legal and business matters. The invention will be described hereinbelow with relation to credit cards, for which it is particularly suitable, by way of example only, but those skilled in the art will appreciate that it can also be applied in any other instance of signature verification where the system components can be made available .
When transmitting the signature over transmission lines for acceptance, as by a bank or credit card company, additional security can be provided by encrypting the signature with a secret key, known only to the signatory and the bank, which cannot be determined by downloading the data containing the signature signals from the transmission line.
Referring now to Fig. 1, there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with one embodiment of the invention. The system includes a digitizer 10 with an associated electronic pen 12 coupled to a computer 14 for authenticating a signature at the time and place of signature. This system is particularly suitable for point of sale use. Digitizer 10 can be any conventional digitizer, such as a Wacom Digitizer, manufactured by Wacom Co. Ltd., Japan .
The signatory carries an Integrated Chip (IC) card, or smart card 15 on which is stored a reference signature record, or personal signature profile, for the signatory. Computer 14 includes a comparator 17, which compares the signature to be authenticated with the reference signature record stored on IC card 15. If the signature is within predefined tolerances of the reference signature, comparator 17 sends an accept signal to computer 14. If the signature is not within the predefined tolerances of the reference signature, comparator 17 sends a reject signal to computer 14. Referring now to Fig. 2, there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with an alternative embodiment of the invention. The system includes a digitizer 10' with an associated electronic pen 12' coupled to a computer 14' having a modem (not shown) for transmitting data from computer 14' to a remote location 16, generally a bank or credit card company in the present example.
At remote location 16, the data is received by a dynamic identification unit 20 arranged to receive the data produced during signature by the electronic pen on the digitizer tablet and calculate therefrom a table of parameters which constitutes a signature record. The result is provided to a comparator 22 which compares the signature to be authenticated with a reference signature record, or personal signature profile, stored in its memory 24. If the signature is within predefined tolerances of the reference signature, comparator 22 sends an accept signal to computer 14' . If the signature is not within the predefined tolerances of the reference signature, comparator 22 sends a reject signal to computer 14' .
Operation of the system of the invention is as follows. First, a reference signature record, or personal signature profile, must be provided for the bank or credit card company or other body which must accept or reject the signature, as shown in Fig. 2. This is done at the time of opening an account or requesting a credit card. The user signs his name on a digitizer tablet coupled to the computer of the credit card company. The pen position over the tablet is recorded by the computer to produce vectors, and a mathematical analysis is performed to learn the following parameters at any given time during the signature process: pen position (X,Y coordinates) over the tablet; sequences of drawing: number of letters, relative position, and time to draw; acceleration and deceleration during signature; direction changes. Optionally the computer can also calculate pen tilt relative to the tablet and pen pressure, if the digitizer used is capable of providing this data. The digitizer data of the signature are input 30 to the dynamic identification unit in the computer. The dynamic identification unit records 32 the parameters of the signature. The recorded parameters are arranged 34 in a table of parameters. This process is repeated 36 a predetermined number of times, for example between 5 and 10, so as to permit the dynamic identification unit to calculate the tolerances 38 associated with the variations in the individual's signature, which is never identical. It will be appreciated that the range of acceptable variations in a personal signature profile will vary from person to person. Once the parameter table and tolerances have been determined, these are stored in the computer memory for later reference as the reference signature record. It will be appreciated that, preferably, the personal signature profile consists of an array of parameters and logical tolerances or permitted variations, not an "average" signature.
A personal ID code is also recorded 39 together with the signature vector table. This personal ID code serves as an encryption key to provide additional security for signature data transmitted over transmission lines. This encryption key can be any string selected by the user which is known only to him and the credit card company. While the password selected by the credit card company, which is used in cash machines, etc. in conventional credit card authentication systems, can be used as the encryption key, it is preferable to select a key which does not appear on the card. One example of a suitable encryption key is the user's birthdate.
It is a particular feature of the invention that the dynamic identification unit will recognize a person's signature even if it is signed upside down (i.e., where the cardholder is in front of a counter) or rotated to any other angle, where the signature is smaller or larger in size, or slightly different in details.
At the time of making a credit card purchase, the purchaser's signature is authenticated as follows, as shown in Fig. 3. The customer signs with an electronic pen on a digitizer tablet in the store or on the digitizer tablet coupled to his home computer. The record of the signature is received 40 by the credit card company. The dynamic identification unit retrieves 42 the reference signature record of the cardholder. It may also retrieve 44 the personal ID code of the cardholder from the company computer if the signature is encrypted with the personal ID code. Generally this is necessary when making purchases other that at point of sale. If the record of the signature was encrypted (described in detail hereinbelow) the record is now decrypted 46. If no recognizable signature record is received 48, the signature is rejected.
If the decryption results in a recognizable signature record, or if the signature record was not encrypted, the dynamic identification unit proceeds to identify the signature 50, as shown in detail in Fig. 4. The dynamic identification unit traces 52 the vector lines in the signature record and fills a parameter table 54 with the various parameters. The parameter table of the signature record is compared 56 with the reference parameter table stored in the computer memory.
Parameters for comparison are selected, for example, from the characteristics listed above. Any or all may be selected for use by the programmer. For example, the comparator can determine whether there is a significant difference in time of writing the signature 58, which could indicate copying rather than an authentic signature. It can determine whether there is a difference in the number of vectors 60, i.e., whether a letter has been added or omitted. It can look for a change in the angle of the pen 62. It can determine whether there is a change in the relative direction of the signature 63. And it can determine whether there are differences in pressure during signing 64. If any of the examined parameters is significantly different, i.e., outside the range of tolerances 66 (Fig. 3) , the signature will be rejected. If the signature record meets all the characteristics of the reference signature record, the signature will be authenticated and accepted. An indication of acceptance is then sent to the point of purchase.
When making transactions at the point of sale, generally the physical lines are sufficiently secure that no encryption is required, although it can be used, if desired. However, for transactions over the Internet, encryption is recommended to prevent theft of the credit card details. In this case, the Web surfer will have his own digitizer tablet coupled to his computer. After typing in the credit card number, as in conventional credit card purchases over the net, a signature authentication software driver will pop an input window to the cardholder's screen. The cardholder will type his personal ID code and then sign his name on the digitizer tablet. The vectors produced during signature on the digitizer tablet are calculated and the software encrypts the signature data using the personal ID code as the encryption key, as known.
The encrypted signature record is sent to the vendor, which may be a site on the Internet. The vendor forwards the signature record, as is, to the credit card company for authentication of the signature. When the encrypted signature record reaches the credit card company, it is authenticated as described above with reference to Figs. 3 and 4. When the reference signature data of the cardholder is retrieved, the encryption key is also retrieved, permitting the dynamic identification unit to decrypt the signature record and compare it with the reference signature. In accordance with the results of the comparison, the credit card company will notify the vendor that the signature is accepted or rejected.
Preferably, the authenticating computer will include means for detecting hacking. For example, if two identical signatures are received, one after another, the computer is preferably programmed to reject the second signature, even if it falls within the personal signature profile. This is because, in real life, no one signs his or her name exactly the same way twice in a row. On the other hand, over time, a person's signature tends to change. Therefore, according to a preferred embodiment of the invention, updating means is provided for changing the personal signature profile or reference signature record, in accordance with perceived, consistent changes in the signature. A flow chart of one example of suitable software for accomplishing this updating is illustrated in Fig. 5.
In Fig. 5, the comparator receives the signature for authentication and compares it with the personal signature profile (block 70) . If the result is not close to the edge of the tolerances or permitted variations, the comparator exits the program (block 72) . If the result is close to the edge of the tolerances or permitted variations, an invalid counter is incremented by one (block 74). The counter is checked (block 76) and, if the result is less than a pre-selected number, e.g. 5, the comparator exits the program (block 78) . If the results equals the pre-selected number, the old signature is replaced by the new signature (block 80) , and the Tolerance Table is rebuilt to include the new signature parameters and permitted variations (block 82) . At the same time, the Invalid Counter is cleared.
According to another embodiment of the invention, the signature authentication is utilized for network access, instead of a password. In this embodiment, the personal signature profile is provided to the network, in lieu of a personal passwork. When access to the network is desired, the user signs a digitizer coupled to his workstation, and the signature is compared with the personal signature profile. This method greatly increases security within the network, by preventing access to a hacker who discovered the password by unauthorized means, or to an unauthorized person who was given the password.
It will be appreciated that the invention is not limited to what has been described hereinabove merely by way of example. Rather, the inventon is limited solely by the claims which follow.

Claims

1. A system for authenticating a signature comprising:
(a) a digitizer and associated electronic pen ;
(b) a dynamic identification unit for receiving data from said digitizer produced during signature by said electronic pen on said digitizer, calculating signature parameters and permitted variations from said data, and generating a reference signature record therefrom;
(c) a comparator for comparing said received parameters produced during signature with said reference signature record; and
(d) apparatus for providing an accept or reject response in accordance with the output of said comparator.
2. The system according to claim 1, further comprising: a transmitter for transmitting said calculated signature parameters for authentication; and a receiver for receiving said transmitted signature parameters, said receiver being coupled to said comparator.
3. The system according to claim 2, wherein:
(a) said system further includes an encryptor for encrypting said measured parameters to provide an encrypted signature record; and (b) said dynamic identification unit further includes a decoder for decoding said encrypted signature record.
4. The system according to claim 1, wherein said reference signature record is stored on an IC (integrated chip) card.
5. The system according to any of claims 1 to 3 for authenticating a signature transmitted over a transmission line comprising:
(a) a vendor unit including: (1) a digitizer and associated electronic pen; and (b) a signature authorization unit coupled to said vendor unit by the transmission line and including:
(1) a dynamic identification unit for receiving data from said digitizer produced during signature by said electronic pen on said digitizer, calculating signature parameters therefrom, and generating a reference signature record corresponding thereto;
(2) a comparator for comparing said parameters produced during signature with said reference signature record; and
(3) apparatus for providing an accept or reject response to said vendor unit in accordance with the output of said comparator.
6. The system according to claim 2 or 3 for authenticating a signature transmitted over communication transmission lines comprising:
(a) a cardholder unit including: (1) a digitizer and associated an electronic pen;
(2) apparatus for transmitting the output of said digitizer over the communication transmission lines;
(b) a signature authorization unit including:
(1) a dynamic identification unit for receiving data from said digitizer produced during signature by said electronic pen on said digitizer, calculating signature parameters therefrom, and generating a reference signature record corresponding thereto;
(2) a comparator for comparing said parameters produced during signature with said reference signature record; and
(3) apparatus for providing an accept or reject response in accordance with the output of said comparator; and (c) a vendor unit coupled to said cardholder unit and to said signature authorization unit by the communication transmission lines and including a transceiver for receiving said output of said digitizer from said cardholder unit and transmitting it to said signature authorization unit; and for receiving said accept or reject response from said signature authorization unit.
7. The system according to any of the preceding claims, wherein said reference signature record includes an array of signature parameters and permitted variations.
8. The system according to any of the preceding claims, further comprising means for updating said reference signature record.
9. A method of authenticating a signature including the steps of:
(a) providing a reference signature record; (b) signing with an electronic pen on a digitizer tablet;
(c) calculating signature parameters from data received from said digitizer produced during signature by said electronic pen on said digitizer; (d) comparing said parameters produced during signature with said reference signature record; and
(e) providing an accept or reject response in accordance with results of the comparison.
10. The method according to claim 9, and further including the steps of:
(a) encrypting said calculated parameters with a encryption key after said step of calculating; and
(b) decrypting said encrypted parameters before comparing said parameters .
11. The method according to claim 9, wherein said step of providing a reference signature record includes:
(a) writing the signature on said digitizer several times;
(b) calculating signature parameters for each signature;
(c) calculating permitted variations of said signature parameters; and (d) storing said signature parameters and said permitted variations as a reference signature record.
12. The method according to any of claims 9 to 11, further comprising updating said reference signature record.
EP98933872A 1997-07-24 1998-07-23 System and method for authenticating signatures Withdrawn EP1033007A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
IL12138997 1997-07-24
IL12138997A IL121389A0 (en) 1997-07-24 1997-07-24 System and method for authenticating signatures
PCT/IL1998/000342 WO1999005816A1 (en) 1997-07-24 1998-07-23 System and method for authenticating signatures

Publications (2)

Publication Number Publication Date
EP1033007A1 true EP1033007A1 (en) 2000-09-06
EP1033007A4 EP1033007A4 (en) 2002-06-12

Family

ID=11070430

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98933872A Withdrawn EP1033007A4 (en) 1997-07-24 1998-07-23 System and method for authenticating signatures

Country Status (4)

Country Link
EP (1) EP1033007A4 (en)
JP (1) JP2003510668A (en)
IL (1) IL121389A0 (en)
WO (1) WO1999005816A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1272932A (en) * 1997-10-01 2000-11-08 株式会社凯迪克斯 Method and apparatus for authenticating IC card
JP5439358B2 (en) 2007-03-23 2014-03-12 アノト アクティエボラーク Print position coding pattern
JP7441592B2 (en) * 2019-09-11 2024-03-01 株式会社ワコム Touch controller and pen input system
CN114463858B (en) * 2022-01-12 2024-05-24 广州市双照电子科技有限公司 Signature behavior recognition method and system based on deep learning

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4724542A (en) * 1986-01-22 1988-02-09 International Business Machines Corporation Automatic reference adaptation during dynamic signature verification
US5347589A (en) * 1991-10-28 1994-09-13 Meeks Associates, Inc. System and method for displaying handwriting parameters for handwriting verification
DE4414682A1 (en) * 1994-04-27 1995-11-02 Siemens Ag Closed security system for control and record of access to secure areas
US5559895A (en) * 1991-11-08 1996-09-24 Cornell Research Foundation, Inc. Adaptive method and system for real time verification of dynamic human signatures

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS6295660A (en) * 1985-10-21 1987-05-02 Omron Tateisi Electronics Co Sign reading and writing system using integrated circuit card
US5195133A (en) * 1991-01-11 1993-03-16 Ncr Corporation Apparatus and method for producing a digitized transaction record including an encrypted signature
US5699445A (en) * 1992-04-10 1997-12-16 Paul W. Martin Method for recording compressed data
US5222138A (en) * 1992-08-06 1993-06-22 Balabon Sam D Remote signature rendering system & apparatus
US5434928A (en) * 1993-12-06 1995-07-18 At&T Global Information Solutions Company Method for verifying a handwritten signature entered into a digitizer
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4724542A (en) * 1986-01-22 1988-02-09 International Business Machines Corporation Automatic reference adaptation during dynamic signature verification
US5347589A (en) * 1991-10-28 1994-09-13 Meeks Associates, Inc. System and method for displaying handwriting parameters for handwriting verification
US5559895A (en) * 1991-11-08 1996-09-24 Cornell Research Foundation, Inc. Adaptive method and system for real time verification of dynamic human signatures
DE4414682A1 (en) * 1994-04-27 1995-11-02 Siemens Ag Closed security system for control and record of access to secure areas

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "Smart Card Protection by the Use of Dynamic Signature Verification One-Way Codes" IBM TECHNICAL DISCLOSURE BULLETIN, vol. 27, no. 8, 1 January 1985 (1985-01-01), page 4710 XP002195547 New York, US *
PENAGOS J D ET AL: "An efficient scheme for dynamic signature verification" SOUTHEASTCON '96. BRINGING TOGETHER EDUCATION, SCIENCE AND TECHNOLOGY., PROCEEDINGS OF THE IEEE TAMPA, FL, USA 11-14 APRIL 1996, NEW YORK, NY, USA,IEEE, US, 11 April 1996 (1996-04-11), pages 451-457, XP010163580 ISBN: 0-7803-3088-9 *
PLAMONDON R ET AL: "AUTOMATIC SIGNATURE VERIFICATION AND WRITER IDENTIFICATION THE STATE OF THE ART" PATTERN RECOGNITION, PERGAMON PRESS INC. ELMSFORD, N.Y, US, vol. 22, no. 2, 1 March 1989 (1989-03-01), pages 107-131, XP000461073 ISSN: 0031-3203 *
See also references of WO9905816A1 *

Also Published As

Publication number Publication date
WO1999005816A1 (en) 1999-02-04
IL121389A0 (en) 1998-01-04
JP2003510668A (en) 2003-03-18
EP1033007A4 (en) 2002-06-12

Similar Documents

Publication Publication Date Title
US7107454B2 (en) Signature system presenting user signature information
US5163098A (en) System for preventing fraudulent use of credit card
US4357529A (en) Multilevel security apparatus and method
US20200143035A1 (en) Method and System for securing user access, data at rest, and sensitive transactions using biometrics for mobile devices with protected local templates
US6594759B1 (en) Authorization firmware for conducting transactions with an electronic transaction system and methods therefor
US6581042B2 (en) Tokenless biometric electronic check transactions
US7721095B2 (en) Apparatus, system, and method for authenticating personal identity, computer readable medium having personal identity authenticating program recorded thereon, method of registering personal identity authenticating information, method of verifying personal identity authenticating information, and recording medium having personal identity authenticating information recorded thereon
AU736113B2 (en) Personal identification authenticating with fingerprint identification
US4993068A (en) Unforgeable personal identification system
US6269348B1 (en) Tokenless biometric electronic debit and credit transactions
JP2814923B2 (en) Transaction processing system
CA2010345C (en) Multilevel security apparatus and method with personal key
KR100768754B1 (en) Portable electronic charge and authorization devices and methods therefor
US20040203594A1 (en) Method and apparatus for signature validation
US20020180584A1 (en) Bio-metric smart card, bio-metric smart card reader, and method of use
US20120032782A1 (en) System for restricted biometric access for a secure global online and electronic environment
US20050055557A1 (en) Personal authentication system and portable unit and storage medium used therefor
KR20010052104A (en) Method for using fingerprints to distribute information over a network
EP1033007A1 (en) System and method for authenticating signatures
US20030070078A1 (en) Method and apparatus for adding security to online transactions using ordinary credit cards
JPH0750665A (en) Identity confirming device and its method
US20020062441A1 (en) Authentication apparatus for authentication to permit electronic document or payment by card using personal information of individual, verification apparatus for verifying individual at payment site, and electronic authentication system interconnecting the same
JP2003296691A (en) Recording medium, personal identification method, financial transaction method and device
WO2000008610A1 (en) Offline verification of integrated circuit card using hashed revocation list
JP2933180B2 (en) PIN code collation device

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20000215

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: WONDERNET LTD.

RIC1 Information provided on ipc code assigned before grant

Free format text: 7H 04L 9/32 A, 7G 06K 9/00 B

A4 Supplementary search report drawn up and despatched

Effective date: 20020503

AK Designated contracting states

Kind code of ref document: A4

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RA4 Supplementary search report drawn up and despatched (corrected)

Effective date: 20020515

RA4 Supplementary search report drawn up and despatched (corrected)

Effective date: 20020604

RA4 Supplementary search report drawn up and despatched (corrected)

Effective date: 20020607

17Q First examination report despatched

Effective date: 20030520

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20050913